(270) 506-5140 CONTACT US
Information Security

The ADP breach is a good reminder to always be on the lookout!

May 4, 2016 by Branan Cooper

You may have seen the news, reported in Krebs On Security and elsewhere, that payroll processing giant, ADP, was compromised by identity thieves, resulting in the loss of tax and salary data. 

Here at Venminder, we learned of it through our monitoring service Security Scorecard and wanted to be sure to let our customers know.

Check your incident response plan

In an era when information security breaches are an all-too-common event, it’s a good reminder to check your incident response plan and make sure it’s up to date and put it into action as it pertains to ADP. The business manager at your company who is responsible for ADP should reach out and officially ask for their own response, as well as their root cause analysis and planned follow up actions.

It does not appear that any sort of vulnerability or technical breach at ADP contributed to the incident, so it’s important that all firms involved with ADP understand their vital role in applying the appropriate complementary controls.

Follow up

According to the article, ADP is notifying their clients and internal communications are going out at firms that may be impacted. Even so, it’s worth continuing to monitor the news for follow ups or reports of follow up activity. There are a variety of ways to do that and we’re here to help as well with solutions.

You should also look at your risk assessment on ADP and be sure it’s updated to reflect any insightful findings. Remember, documentation at this point is key because you’ll want to be able to evidence what steps you took to handle the situation and also to remind yourself next time you’re doing due diligence or writing the risk assessment things you may want to investigate further.

It’s a scary world sometimes and when even the industry giants like ADP aren’t immune, it’s a good time to remember these things can happen anytime, so make sure your response plan is sound, your due diligence is thorough, risk assessments updated and all potential impacts documented. We have products, services and a highly experienced team ready to help. 

10 Best Practices of Really Good Vendor Managers Infographic

Branan Cooper

Written by Branan Cooper

Branan Cooper is the Chief Risk Officer at Venminder. Branan has nearly 30 years of experience in the financial services industry with a focus on the management of operational and regulatory processes and controls—most notably in the area of third party risk and operational compliance. Branan leads the Venminder delivery team as the third party risk management subject matter expert in residence. Branan also serves as an industry thought leader. He's a member of InfraGard and the Professional Risk Management Industry Association (PRMIA). And, he was selected in 2018 as an advisor to the Center for Financial Professionals (CEFPro) and board member for the Global Sourcing Resource Network (GSRN).

Follow Branan Cooper

Subscribe to the Venminder Blog